IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 
FORMAL UTILITY PATENT APPLICATION 

TO ALL WHOM IT MA Y CONCERN: 

ENRIQUE DAVID SANCHO, of P.O. Box 1151, Zichron Yaacov, 
30900, Israel, has invented: 

A System and M ethod For Secure Network Purchasing 

for which the following is a formal utility application for Letters 
Patent. 
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Technological Field OfTho jnygntjon 

The present invention relates to systems and methods for , mp , 6rnenting secure 
******** More P .rt,cu„rty, the methods re ,e,e to a system which permlls purchasas 
merchandise ,0 be made over e eom P u,er network, whereby , h , p „ rchasar may „ ^ ^ 
persona, credit era information is no, ,, „sk o, helng diverted, mie. Ppr o pri a,ed or ^ ^ 
merohant may be more oonfident that the purchaser is bona fide. 

1 ts weii known ,or buyer, o, merchandise to access me 9 ioba, Cent/server network common,, 
referred to as the mteme, , p, rt of which is the Wortd Wide Web, for the P u,pose o, se,roh,n 9 for 
end purchasing merchandise „om on.„„e vendors se„,„ g wares fnm ^ 
investment services ,o hu,,„ 9 CD reoord,n 9 s, books, sofKvare, com P utar hard „ the „ k . 

Numerous patents have aiready been granted which teach methods or systems porting to 
secure oommerCa, cred,, card transacdons carried ou, over «,. , ntemet . Exan)p , es „, ^ 
pa.ents-inciudeus Paten, N os. Wm to E , 9amal , S^ ^^ „ ' 

ensures o, which are incurred by reference herein for pr0 v,d,„ 9 background and as 
indicative o„be state o„he art prior to the invention herein disclosed. 

Most o, ,be discioeed systems bave the d,sadvanta 9 e tha, ,bey reiy on «he transmission o f 
-stive information over unsecured networ* routes and iines for each transaction. Aitbough 
Pfec„ca„y. P eaMn 9 , tbe systems which use encry P ,,on are fairiy 8afe , th6re , ^ Qf 

cred,, ca,d misa Ppropria ,ion and there is iittie pS ycbo,o 9 ica, com f ort 9 ,ve„ to po.en.ia, users by 
the,r knowing that enctyptlon Is being used. 
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Oenereily 9 pe. king . th e interna, „ . network of computm ^ ^ ^ ^ ^ ^ 

verfety of communis llnes , ncludlng te , ephone (inM Mb|e te|evfeion iinMi Mteiiite 

and the „ k e. interne, servlce proWdere (herelnaftcr ^ provide ^ (|nk (o ^ ^ 

- the .reel, end „ se re. The accou „, for (he end esiawished ^ ^ 

manner usueliy „y provldlng credlt card informaHon ^ ^ by ^ ^ ^ 

vo,ca teiepnony, rex trensmlseion or checK. ,n most ISP-end user ^ , sp has ^ • 
8 ive„ credit cerd „ r „ fne r credit accoun, ,„ formatren , which , nforma , Ion „ on ^ ^ ^ ^ ^ 
avaiiabie to .he ,SP.. con.p^. ,„ relum for ^ paymen , (h6 (sp prov|dM a gate ^ (o 
•he .*.„,., en , use ,, _ The end _ ^ subscriber) |s ^ ^ 

codes for d, a ,„„ B dhecuy ,„«o the ,SP, computer, and software ^ ^ ^ 

so«ware, Wear software, electee mai , software, and «ha »«., ,or do,n g so „ necessary. 

Mas, phases are conduced ,„ f „„ wing _ . ^ , ^ 

° ° 0a ' C " en ' °~ ~ * * -dam „ a dial-up lnternet ServIce 

Prov.de, (hereinafter ,SP, and makes ^ ^ ^ ^ ^ 

^ ' 0CaB ° gned " URL < U " if °™ " esource Locator, a ddreas. The purser selects his 
merchandise and the vandoruSual* re q ues S ^ymWby one o f severe, methods, one 
usually includes payment by providing credit card information. 

AOcordi„ g ,„ surveys end other m ari< e,,„ g data, there aiways has heen and thare stili exists a hi g h 
Pereen bga * tha popuiation which is detered from purch as i„ 8 merehandl , e direc(ly _ 
internet This larg e popuiadon a pp are „„y feare that, despite e„ the offer* a, security and 
ctyp.o 3 raphy promised by the vendore, there s „„ exists the possibiiity that thelr cred|t accoun( 
information wii, he intercepted on,,„e hy e third par,, computer hecKer and used „,e g al,y, a, g rea, 
expense and trouble for the cardho/der. 



An additional anxiety-inducing factor related to merchandising 



over the Internet, or e-commerce, 
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is .hat .he merchant canno, ahvays he certain ,ha. Jus. hecause he has obtained credit card 
infomatlon, iha, he w,„ actuaily be pa,d for .he merchandise he ships. After a,., credi. card fteud 
and/or theft occurs regularly and may no, be caugh. In ,,me ,o s,op ,he order fron, being shipped 
When ft. cardholder discovers .he .heft and s«ops ,he card, ft may be ,00 „«e for the vendor .0 
recover his property. At the very leas,, ,his si.ue.ion ,eads ,0 unnecessary aggravation and 
wasted resources for .he merchant, credi, card company and careholder. 

Summary And Objects T Re Invention 

Thus, I, ,s ,„ objedve of ,he present Invention ,0 provide a system and method for po.en.ia, 
on-llne buyers of merchandise marketed over the Interne, ,0 pay for ,hose purchases with 
minimized exposure ,0 the risk of credi, card theft by electronic interception. 

I. la a further objective of ,he invention ,0 provide a mechanism for faditating a-commerce which 
win increase me confldence 0, the consum.ng public In the safety of such transacions. 

i« is mm a further objecftve 0, ,he invenflon «o provide a mechanism for faciiiteung a-commerce 
Wh,cn w«, Increase the conudenee wi,h which vendors may ship .he purchased product deliver 
,be purchased service without fear of Ore payment being provided freudulendy. 

it ie ye, a further object of ,he present InvenUon ,0 provide a site-specmc end computer-specific 
.denuflcation confirmation system for use In a secure electronic purchasing system. 

These objectives and o,here and o,hers no, specifically enumerated herein are achieved by me 
■nvendon disclosed herein which comprises a system and method for providing payment ,0 an 
on-hne merchan, for services or goods provided ,0 an on-Hne buyer. ,„ one exemplary 
embodiment, ,he method tekes advantege of the ex,s„ng business reiattonships baleen ,he 
member computers which form the structure of the Interne,. 
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Each ,1m. a subscriber signs In ,o toe ,SP's computers for an on-line session, ,b, subscriber is 
assigned an interne, Protoco, (hereinafter »,P») address. The subscriber's computer transmits 
messages which are received by ,he ,SP computer and reiayed through ,he ,P address and o„, 
onto the interne, to ,he u„ima,e intended reoipien, computer. During ,he e„,,re ,,me ,he on-iine 
session in progress, ,he ,P addtass does no, change and is tons avaiiabie as .demising 
■nfonmarion. By monitoring and occasion,,* verifying ,ha« ,he subscriber's computer is srii, 
on.„„e a, rite assigned .P aridreas, ,he iSP can confirm to,, certein aoriviriea couid be ariributed to 
the subscriber. 

One embodimen, o, toe present invenrion tokes advantege o. ,he intimate fe„«o„sh,p which is 
te-created event rime an interne, subscriber's computer goes oniine and signs into his iSP's 
computer by assigning to toe .SP computer toe funcrion o, ciearinghouae and acrive intermediary 
bebveen toe subscribe,, computer and toe vendor's computer. A subscriber computer signs ,„ 
to toe ,SP compute, system and is recognized a W ,ss,g„ed an IP address. When toe subscriber 
"endues merchandise or services a, a vendor's webshe which he wishes to purchase, he sends 
programming to ,he webs,,, which seiecte ,he Kerns and ins.nucte toe vendor's computer to 
3enera,e 2 PUrCh «*» * — to toe ISP computer. The purchase 
autoorfcarion regues, conteins information abou, toe merchandise to be purchased, idenrifying 
mformarion abou, toe proposed punchaser, some of which Is ,he Idenrifying informa.lon assigned 
by ,he ISP to toe subscribe, The ISP confirms internally to,, toe subscriber is s,i„ signed in to 
the ISP computer system, by verifying ,he ,den,„y of toe computer currenriy acriveiy 
communicaring torough toe ,P address. When sarisried toa, toe subscriber is s,i„ online, toe ISP 
computer generates and sends a message to ,he subscriber's computer muuesring conflrmarion 
of toe order for the merchandise. Upon receip, from toe subscriber's computer of toe 
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confirmation, ISP generates ^ lnnmlts f „ ^ ^ ^ ^ 

the order and proving a conflmtafion „ umber , agr6e ,„ g t0 pay ^ ^ ^ ^ 
computer subsequently generates end pre S en«s «o ,h. ISP compu,,, lsPcomputer , hen ^ ^ 
suhscdber, credit card Information and presents an invo , ce ^ ^ ^ ^ ^ ^ . 
sent through normal channels. 



-n another exempt embodbnen. c, th. present invention, the ,SP doee no. serve ,s th. credit 
giver or trensactlon vertfierfguarantor. This function „ pr ov,d.d by , ba„K or vendor w>«, whom 
«. subscriber already has , cr.dK account, and who h as sn online presence, ,, . 
•ransacUon server oonneoted to the which oan palpate ,„ ,he lransactl0 „ „ „ .„ 

carried out by the subscriber/consumer. 

Brief Description Of Tha n,-^,,..^ 

For better u„d.r«a„d„g 6f in ve„„o„. the fo„o„,„g dra „,„ gs are inclllded fo , 
combination with the detailed specification which follows: 

PS. 1 shows a buyer compute, ,„ communis With a vendor computer via the ISP computer 
wherem buyer computer le initiating a purchase transaction; 



m 



F-g. * shows the vendor computer communicating wfth the ISP computer to re q „es, auction 
to complete buyer's requested transaction; 

F.». 3 shows the ISP computer conflrming tha, correc, IP address Is active wnh buyer, computer 
and requesting confirmation of buyer's transaction; 

"a. 4 shows buyers computer responding to ISP compute,, request for conflrmadon; 
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Fig. 5 shows MR computer's transmission of, confirmation coda and invoicing instructions to 
vendor's computer; 



Fig. 6 shows a block diagram illustrating another exemplary embodiment of the present Invention; 
and 



Fig. 7 shows a block diagram Illustrating another exemplary embodiment of the present Invention. 
Detailed Description Of Th. Fy- noian, Emhortlm C nh= 

As was mentioned hereinabove, in on. exemplary embodiment Che invention, the edit account 
for the subscriber (also referred to a, an end user or Buyer) is established In .he norma, manner 
usually by proving credit card Information to the ISP by convent,, m . ans , such as ^ ^ 
telephony, fax transmission or check. In mos„SP.nd user relaflonahips, ,ha ISP has been given 
credit card Information and this information Is on me with the .SP and avilab.e to the ISP's 
computers. ,„ return for receiving payment, the ISP prides a gateway to ,h. Internet for me 
end-„se,s use. The endear for subscriber, is provided with software means and Identification 
codas.fo, dialling directly int. m , ISP* computers. The ^ .SPV.omputem asslgh ,„ , nterne , 
Protocol (hereinafter ,p-, addreS8 to subscrlber for „„ du|r|ng ^ ^ ^ 

in progress. The subscribe,, computer transmits messages which are received by the ,SP 

tecplen, computer. During tbe entire time the on*, session In pragmas, the IP address does 
no. Change and Is thus available as identifying information. By monitonng and occasionally 
"-verifying .ha. .he subscribers computer is s.,,1 on-line a. th. assigned IP address, the ISP can 
confirm that certain activities could be attributed to the subscriber. 

This exempiary embodiment of ,b. present invention takes advantage of the Intlmat. ralationshlp 
Wh,ch is re-created every ,1m. an Interne, subscriber's computer goes online and sign. i„ t o 
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ISP's computer by assigning to the ,SP computer the function of clearinghouse and active 
intermediary between the subscriber's computer and the vendor's computer. 



The method is described with reference to the drawings described hereinabove 



as follows: 



The ISP (also referred .o hereinafter as a "Caarlnghouse Computer", is assigned a unique ISP-iD 
code. 



As described hereinabove, the ISP's subscriber or eus.on.er (hereinafter "Buyer", has gained the 
ability to access .he interne, network from his remote computer by opening an account with ,SP. 

The Buyer has provided credit card or other payment information to the ISP when the account was 
opened, by conventional mail, tex, vole, telephony or any other acceptable method Including 
known methods. In exchange, Buyer receives from the ISP certain software and identification 
codas which permit Buyer's computer to communicate with the ISP's computet* and to negotiate 
(request and obtain) an IP address. 

A. time of first algn-on, Buyer', Computer (hereinafter referred to as ''BC', transmits to BC a 
Buyer-ID code which Is electronically recorded or wrWen into a file (e.g. a cookie „,„ on Bc . n . 
Buyer ID code could be generated by any number of methods known In the art for generating 
identification codes. 

When Buyer activates his BC to log onto ISP network (BC provides standard ,og,„ infomation to 
ISP), ISP also reads and logs In Buyer-ID code and assigns IP address for current session ,o BC. 

BC connects via ,SP porta, wlth Merchant Computer ,MC, and Buyer aelecte desired merchandise 
and further selects ,o pay using Security program manager payment method disclosed 
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hereinbelow. 



Buyer-ID and BC's IP address assigned for current session are provided to MC programmed to 
request and receive said information 



MC is programmed to use Buyer-ID and BC's current IP address along with information such as 
desired .tern ID, cost and name for generating an electronic purchase inquiry which is transmitted 
through the network to ISP. 

ISP is programmed such that upon receipt of purchase inquiry from MC, ISP uses combination of 
IP address and Buyer-ID to determine within ISP's internal network whether Buyer is in fact still 
online at the address assigned at the beginning of the online session. 

If ISP computer is unable to confirm that BC is still connected to ISP system at the IP address 
expected, or that the BC IP address given by MC is deferent from that assigned by ISP to BC, then 
a negative message is generated by ISP's computer and transmitted to MC thereby resuming in the 
early terminations the purchase transaction process by MC. ISP's computer may alternatively 
be programmed to conduct other tests or inspect for other necessary conditionsin an attempt to 
verify the source of the order placed with MC. 

'f BC is determined to be connected to ISP at correct address, ISP sends message containing 
details of purchase inquiry to BC asking Buyer to input confirmation of details of purchase 
desired to be transacted with MC. 

Upon input of confirmation command by Buyer into BC, BC generates and transmits a 
confirmation to ISP. 
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On receipt o. Beyer's confirmation. ISP then aerates « transmits . Transaction Confirmation 
Number end instructs MC to proceed wnn fining Buyer* order end also .o generate end forward 



an invoice to ISP. 



The invoice to the ISP can be generated electronically and transmitted directiy to ISP's computer 
instantaneously (during the same session, or MC .might wait until receiving programming 
indicating that the order has actually been filled. 

Rece,p, of .he invoice by iSP's computer then causes the ISP compter .o generate and transmit 
either electronically or through conventional meens, an Instruction to Buyer* credit « 
company to deb,, Buyer's eccoun, for the amount of the purchase. Alternatively, ,SP could bin 
Buyer direciy or any other reimbursement arrangement, e.g. «h re „ g „ an lnsurance ^ „ 
contemplated herein. 



in another exemplary embodiment of the present invention, either the ISP* server acts as the 
secure coordinator or a biach box (hereinafter «,SP Toolbox", ,s iocated a, the site of the ISP 
server. The following descrip«on win describe th^bodlmen, where , he security coordinator 
functions are carried out by an ISP Toolbox. 



Physical Placement of ISP Toolbox - 

I" this exemplary embodiment, the ISP Toolbox is iocated a. the physic,, she of the ISP, the ISP 

Toolbox is connected to the phone or communication iinea coming ,„ t0 the ,SP server directly 
*om use* on sne 8lde 6f , sp S6rvw The , sp TMlbox te aiso connKted (o ^ ^ ^ 

Interne, ,v,a the modem basket, from the ISP serve, The ,SP Toolbox does no. interact directly 
w..h the ISP serve, Por the most pari, „ monitors incoming and outgoing trafflc , waitlng „ , ake 
nver those communications should a security related transaction be called for by a home user 
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The ,SP Toolbox is ,ssen,, a ,, y a minlwver , dsdlcaled , 0 , h9 sscurlty usks ass|gned (o . ^ 
ISP Toolbox „ provided wlth programming which, when w ^ ^ ^ 

ou, .be proposed transaction. Th6 followlng , c . nar|0 ^ ^ ^ ^ _ ^ 

for such a security related transaction Is detected by the ISP Toolbox. 



As wli, be further described herelnbelow, ,„ anoUrer exemplary embodiment, , he Toolbox „ ^ 
located at the ISP but at the site of another credit provider. 



1. ^"-''-^^-Tblsprocessoniyneedstoocouronceforesohaco/ountvvhlch, 
user might have: 



a) in order to begin participation in the secure transaction system Instellad by his or her 
ISP, a User a, home connects his home PC w*h the eerver of ,h. ISP witt, whom the home 
uaer ha. established an iSP-user relationship. Upon establishing direct dla.-up 

«» *. ISP server, thebom. user activates aFe ^mS^T 

example by clicking , button presented on bls broker using his Inpu, device, which alerts 

the ISP Toolbox to user's request for an application to enrol, user's PC tn system of the 

invention. 



b) The ISP Toolbox supplies an applyaep (".asp" denotes ,„ active server page, file 
browser application, such as Netscape Company's Navlgat0r9 „ Communica , orE ^ 
applications or Microsoft Corp.'a interne, Explorer® ap p „c atl o„s. The user fi„s ,„ the 
requested informetlon into the form end clicxs one submit button on his dlspiey The 
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apply.asp submits a new application record bearing the user's ISP user name back to .He ISP 
Toolbox „h,cb ,„ lurn notifies , h s ISP, for example by way of an e-mail bearing a URL Una to 
.he application form, that a request for credit has been made. A cred,. decision on .he 
application is then made either electronically a. .he love, of the ISP based on predefined or 
by a human credi, manager. The ISP verifies the usernamo and e-mail address of the user 
and sets a credit limit The account is marked as -activated- by the setting of an approved 
credttlimi, which Initiates promotion by the ISP toolbox of the user r«ord from ,pp„ ca , lc)n 
status to active account status. 

2) Ae «"«°"°'<h.^ 

unique identification for the user. The ISP toolbox then generates and transmits ah e-mail to 
the ueer which contains a link to a registration URL. When the user opehs th.e-mal. end 
clicks on the registration URL, it download, and activates an Installadon page and , system 
file from the ISP Toolbox, containing a Locator which comprises an <o B JECT> teg, the teg 
pointing to a GUID (Unique ID generator) and a codebase. The Locator is installed in the 
user's browser cache and an instance thereof is blown inside the HTML page object module. 

The ISP Toolbox asks user ha Inspect his/herpersonaldate, to choose a personal password 
and dick an icon or button to finish activation of the new account disking the button 
causes the onsubmi, handler which came as part of the Locator, to start running a scrip, 
which takes the user information, UID and further information about the user's computer and 
sends these back to the ISP Toolbox. 

Stupid agent - directs user to most recent client software. 

Client software - encryption and decryption and retrieving data from wallet kept in 
registry , i.e. . 



Generation of GUID by Black Box 
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5) Describe purchasing session. 

a) Online user.goes «o Website of merchant u S .n 9 any Web Browser Program end selects 
merchandise to purchase. 

b) User is offered methods of payment and selects option button for "SECURITY 
PROGRAM MANAGER" or "SAFE PAY OPTION". ' ~ 

0 InanAutofetch process, an OnChange script handler in User's software prepares and 
sends request to Security program manager server for Session User Identity. 

d) Security program manager server redirects request to user's b.ack-box equipped ISP . 

e) ISP black box searches its files and returns user's identity. 

f) A user form is generated by user's computer and populated with user information 
including identity returned in step (e) from ISP black box. 

9) . f ° rm !S SUbmitted l tQ9ether with a ^allenge which is forwarded to the vendor 



server. 



h) Vendor server runs a script that calls the Security program manager server's 

getGatePass.asp, thereby transmitting the Session User Identity, IP (user's current IP 
address), Sum and the challenge. 

») TheSecurity program manager center redirects the vendor server's cal.totheISP 
identified by the IP while the user stands by. 

i) The «SP's getGatePass.asp runs a check of the IP provided as part of the vendor 

server's call against the internal.y known ,P to make the sure that is where the user really is 
'oggedin. ™elPtestfai.s,thevendorse^^^ 
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ISP server and the transaction is terminated. 



«) If .he IP test succeeds „... th . user ready >s connected ,o , h e correct IP address, then 
the ISP challenges the home listener . 

The exampie. discussed herein and demonstrated by ,he P, gures are mere , y 
purposes only. Venations and modlncaflons o, the d,sc,oeed invenbon In a manner „e„ wnhln 
*e ,W of ma man of average .Kll, ,„ ,he art are contemplated and m ^ ^ ^ 
encompassed -In the scope and spirit o, me inventton as denned by ,be cleims wbtcb foilow. 

Por example, in another exemplary embodiment ,he ISP is no, «,. site where , he Toolbox resides 

With reference to Pi 8 . 7 , The Tooibo* eould be physica „ y ^ >( ^ ^ ^ ^ ^ ^ 

("CmdnoO, e. g . online-enebied bans, credit card provider or other amnHy™, or 

provider (InCudlng bricx-and-mortar reteiier-s w„b en oniine pre se„ce such as «acy,, and ,„ 

communication through norma, channeis wi«h Credos tmnsactiona, serve, ,„ lhis case the 

ISP wouid no, be en adve part of ,he purchase bsnsacion, o,her man ,„ me usua, Known way by 

B .v.ng User access ,o ,he internet Generally, excepts specified hereinbelow, «he 

process proceeds substernal,, as decribed he.inabove. Specificaliy, ,„ CMmplary 

embodiment, the account is set up as follows: 

0 lnorder.0 subscribe to or begin part,cipa«,on in ma secure ,ransac,,on system in which his 
Creditor also participates, a User a, home .connect, his home PC wHh ,he interne, via an ,SP 
Upon esteblishing communlclon, with ,he Creditor server, user acivetes a ge,app,ica,io„ 
hie on Editors Website, tor example by Coxing a button presented by user's browser using 
his input device, which aierts the Creditor Tooiboxto user's requestor an application to 
enrol, user's PC in system of the ,„ven,.on. The system is specific to the user PC which is 
enrolled as will be further elaborated hereinbelow. 
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21 The Creditor's Too.bo, supplies an apply.asp ,,, asp „ denoles ,„ ^ ^ ^ ^ ^ 
.he browser appiicatio. The user fiii. the requested information ,„,„ fom; usua||y ^ 
wil, include e user name (either new or pre-existing,, a requested credH „„,, and an e . mai| 
address which isaccessibie front the PC, iaptop or other Cent computer from which user 
wishes to he ableto ma k e purchases. The app,y.asp aiso ,„c,udes diagnostic programming 
whl ' hl -^whenuserc,ic,cson,hes„bmnors l8 „„p 1)l , ttono „ nis(|isp , ay ^ 
Pb.n, the appiy.asp "reads" diagnoses whether the user's PC has iabetied Certain component 
wh,ch can he used for genemtmg a fingerprint fli. for helping to verify user's PC's identity ,„ 
future functions. Certain basic information is "read" and is transparent* submhled by the 
apply.asp aiong with the user-provided information ■„ the form ofa new appiicafion record 
bearing the user's IP address back to the Creditor's Toolbox. 

3) The application is processed by a credit-decision maker. This may be either done 
automatically by Creditor's server based on prCefmabie parameters and access to user's 
credKparticuia. and the partners provided in the appiicatip, or bye human credit operator 
Who manual* opens «he application record by accessing the Toolbox Administration Center 

on the application is made and a credu „mi, is se, or the appiicaUon is re,.c,ed. Rejected, an 
e-mail is generated to inform user. 

«> , ' ,hea "'-«-k««p t ed,«hea^^ 
approved credit iimi, which initiates promotion by ,h. Creditor Toolbox o, the user record from 
application status toaotlve account stents. Activation of the account a.so inmates a process 
by which the Creditor Tooibox generates a fingerprlh, fiie inciuding a unique identification 
< ■UID", for the user using the identifying characteristics of user's PC which were diagnosed by 

*• W ' y - aSP aCC ° mPan,ed ** <«* CPU ID number, hard disk serial number 

amountg o, RAM, Bios version and type, etc.,. User is notified via an e^ai, sen, to ,he e-mai, 
"dress specified in the eppiication. The e-mai, includes a notification ofwha, credits has 
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beense. and K„ so lnclU(ie8 , hypertext „„„ e g ■■ £! m9cllckhaf . „„, ,.„,,,. m _ 

When user Coke on the „„„ wh,ch is also , registration URL, „ down,oads end acBva.es ,„ 
Ms.a„a.,on page and system fiies from the Creditor's Toolbox, inCuding , Looa.orwh.oh 
comprises s„ <o BJ BCT> teg, the teg polndng ,o e OU,D (Unique 1D ^ , ^ 

,encryp,io„ and decryption programs, a hendehaKe oode generating program , and , cha|| . nge 
generabng program are among the files downloaded for future use by the UMr pc . ^ may 

retrieving encrypted data from the wallet kept in user's PC registry) The 
Locator Is installed in .he users PC and an instance .hereof is blown inside .be HTML page 
object module. The above step occurs on.y after ,h. „nk acdvates a file which reads .he 
Idendty number, o„h. various components of user's PC to make sure thatth. „eer PC is the 
same one from which .he applioadon was genemted ,n Parage 2 bereinabove. if ,„ fcc, 
appears to be the same user PC, then the rest of the download takes place. 

5) ^^-^Toolboxesksusertofiitinberseiec.edpasewordagainandtoniiinbe, 
Persona, date, and click an Icon or button to finish acdvation of the new account. Clicking the 
button causes me oneubmi, handler which came as par, .,„,, Locator , to star , runnjn!) a 

user's computer and sends these back to <h. Credttofs Toolbox for future reference. 

S) Another of the items which may have been downloaded into User's computer is a Stupid 
agent which directe User's computer to the most recent clien, soft „ are available , 
«,. Creditor Toolbox or from a Secure Management WebSite. This stupid agen, is 
.he beginning of any purchase .raneaCion, .o ensure .ha. User has the mos. recent agents .o 
Perm,, the tranaacion to work, and opdonally to provide Creditor Too,box or ,b, Securt.y 
Management Webshe „,.h an opportune to verhy .ha. ce rt e|n ,den,,fy,ng factors o, User's 
system have not changed, as a security spotcheck. 



7) A 



participating Merchant agrees to participate in the Safe system of the invention and does 
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so by incorporate source cod, provided by th. Security Pre*™ „ anager lntohfe ^ 
Payment Method" Wab pag , Thls p] creates a „ opflon for ^ ^ ^ ^ ^ ^ 

^ , "™"«on.whic,,„h,„.c«va te dbyauser,caus«M. roh ,„ ts , rv6rtolakellseI ,, |p 
address and send a request «o Cred,.or Toolbox asking for verification „, ,„„ us6r hav(ng , p 
address proWded is ac.ua,,,, on,i„e and piaclng an order having a certain p„,chas. va,ue and 
(b, .ha. user has a sufficient cred,. lim„«o place an order of .ha. va,ue and ,op t iona„y M ha, 
Creditor has agreed honor a demand for payment of said purchase. Thefu„cyc,eofa 
transaction „,,, be described more comp,e«e,y and ,n greater date,, hereinbelow. 

With reference to F,G. 7, it can be seen mat a typical purchasing session in this exemplary 
embodiment proceeds as follows: 

a) userPCgoes online and user points his browser to .he Website of a Merchant server 
using any Web Brcwser Pmgrm; downloads „,„ dep|cBng merehandiMforsaleand 
eelecte merchandise to purchase which generates a purchase request to Merchant* 
server, all in a manner well known in the art. 

b) H"*""*-"^ 

payment and selecte option burton which designates the S „. payment plan of „, ^ 
invention, e.g. "SAFE OPTION". 

0 S ^-''^"Sa'eOp.lo„"ge„er a .esamessagebacK,o M erchan r sserverwhich 
mcudes user's IP address and Instructe Merchant's server to toward a request to 
Creditor, Toolbox ,o confirm thatthe useratthe IP address provided Is ,„ 
actively onlineand trying to make thls purchase, and ,b, tha, the user a, the IP address has 
the necessary credit to make such a purchase. 
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4 *°"««'P'="here,ues t from Mere ha„f SS e„er,Too,boxi mm6d(ate , ys9ndsa 
transmission to^P address provld6d by „ erehant , server . The 

*. which ,», search for, de cryp, a„ d rea d the U,D flies ,„ „ se ,s PC ,6 aae who , „ (lf the 
PC . a machine re g ,s,ere d In the system, and (b) whlch 96nera(6 , ^ 
,here ^ M .r' 8 bro w .r«o m , k . s „ r . thatthelransatttonrsdMlred ^ fte ^ 
system restored use, Th 8 e a d v i5 aa «ha, a transaction h,v,n g a partlcuiar value 

.sbe 1 „ g re q uea,a d a„ d asK S ,cr confirmaaon or reJe d ,,o„ of the ,ra„e,c,o„. Tore,ec„he ' 
.rarsacfjon, user can ,c«v. ly Reiec, h, pr,e„„ g , ReJac « button or s|mp|y by not 
respond „*,,„ . p ^ at6mllnod ^ ^ Jo ^ ^ ^ ^ ^ 

provide h„ user passworo and submit the form heck «o the Too,box. The form ls 
accon, P ,n,ed transparent by , h e fln,.^, ni6 contal „ |ng „,„ ^ ^ ^ 

,n,0,ma,,0n - — — * PC by the transmission from 

the Toolbox. 



•) "accepted by usar , than Too(box checks database , o mate sure ^ iimjt |s ^ 
exceeded and sends acoded confirmation ,o Merohanfa server «ha, ,h. tronsacflon ,s 



messa g o to advise user that the identified transaction has been 



successfully processed. 



As described hereinabove, d user either actively Rejects or falla ,o respond to the Pop-up 
message in a predetermined dm, period, for example, 2 mlnu.es, the Pop-up m.ssa g . 

«.sappearsandToo,boxadv,ses M erchanfsserver,ha„he tra „sao..o„,s„o t acoep te d 
Optionally, provision can be made where user can iabel a tendered transaction as .,usp,c,ous- 
and reiec, an oroer with prejudice, ,hu, a,a rt ,n g both Toolbox and Security Pro gram Manager 
and therefore Merchant, that some attempt was made to defroud Merchant. Obviously, this ' 
-<noWe dg e can provide gre a, benefits In a,d,n g to tract down cybet credit frauds and Inhlbi, 
criminal activity. 
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In another exemplary embodiment, shown in Fig. 8, the Creditor server is also an ISP 
server, or at least they are at the same location and being serviced by the same modem 
basket. The toolbox is still situated at that location as well. Thus, a bank which offers 
ISP services to its on-line customers can also offer them the safety of the Safe 
transaction system and method, which is carried out by the Toolbox right on the 
bank's/ISP's premises. 
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